A vulnerability, which was classified as critical, was found in CodeAstro Hospital Management System 1.0. Affected is an unknown function of the file /backend/doc/his_doc_update-account.php. The manipulation of the argument doc_dpic leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Related CVEs

CVE-2024-11674

Key Information

GHSA ID

GHSA-x6vf-7crv-fr5w

Published

November 26, 2024 12:33 AM

Last Modified

November 26, 2024 12:33 AM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: September 16, 2025 6:14 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.